One final question. Looking at the information under DIAGNOSTICS (Setup > Tools), under the section for SUBSCRIPTION SERVICES there is an entry for:

SEND LOGS TO MANAGEMENT = ENABLED

Can someone please tell me what these logs are?

What information is being tracked?

Where is it being sent?

Who can see it?

What is the information used for?

Is it sold or provided to partners and third-party entities (and again, for what purposes - i.e. marketing, etc.)?

Obviously this set of a red flag with regards to privacy and I cannot find anything anywhere that would allow me to OPT IN or OUT, or that even identifies what is being logged, who has access to it and for what purpose/use.

Has anyone else noticed this?

First, this is a user forum and not a technical support group. To get an official company response you will need to contact the company's technical support. You are addressing a group of users who don't charge you for help so lighten up on the threats. Besides, most of us probably couldn't care less if you destroyed your router.

Now, to answer your question (for free, too): The logs are sent to Sofaware so that they are capable of generating your weekly reports. If you don't want the reports, then disable the feature. And don't worry about spyware at this point; if you don't trust Zonealarm, it's too late now. You already agreed to their privacy terms when you bought the router.

Texas Rocket:

First of all, I am fully aware this is not a tech support group. I posted as a question "to other users".

It is NOT an unreasonable question.

Second - I made NO MENTION of destroying anything. I am not the one to 'lighten up' I think.

Third - I am not interested in knee-jerk reactions (or useless comments).

It's obvious logs are going to Sofaware. I simply want to know what is logged, how it's used, by who - and if the information is sold to third parties.

It's a simple question - and I am not necessarily opposed to this - but I do take issue if it is done without my knowledge or consent - which is why I am trying to EDUCATE MYSELF before I make any determinations in this regard.

Typically companies will post this information publicly as a privacy statement - or something that users can refer to if questions such as this a rise. However, in this case, it seems to be an obscured "feature" - and I am hard pressed to find any information on the company sites or literature - which raised the red flag for me personally.

The fact that the ISP for Sofaware is not in the US (Isreal - based on what I see in my logs) - also raising questions with regards to privacy protection.

All of this may be no big deal - I'm prepared to accept that - I am just looking for more information.

As for disabling this 'reporting' - WHERE IS THAT? Because I see no way to OPT IN or OUT of this remote logging 'feature' other than to completely DISCONNECT from all subscribed services. And there does not seem to be any way of 'downloading' filters to the box to manage this locally.

And for the record, NONE of this is indicated in any PRE-SALE literature. If it is - show me because I sure didn't see it.

DE2790, My response was to "QuestionMark" who posted this then pulled it from the forum. Your question was very reasonable. Sorry for the confusion.

quote:

Posted May 24, 2008 09:47 PM by Question Mark
If noone answers in the next 2 weeks
the router will be destroyed & i'll never trust zonelabs/sofaware with anything ever again!!

I have to second DE2790's concerns. I noticed the same thing.

I also noticed, buried in the fine print of the license agreement, the following statement "You acknowledge that during the support period check point may from time to time collect log information from your product for the purpose of providing periodical [sic] security reports, as well as internal check point security and product improvement research purposes (collectively "log information"). No personal identifiable [sic] information will be collected and the log information shall not be distributed by check point or shared with third parties.""

I'm not sure how "personal identifiable" information can be construed in this case. From log data, they would know your ip address, mac address, and the ip addresses that you connect with. Seems like too much information to be sharing, especially if your connection data is confidential.

As best as I can tell, this monitoring appears to be directly tied with the ability to get firmware updates. In other words, it appears you have to allow them a disturbing level of insight into your network in order to get firmware updates. After the trial period, I may not be willing to pay for them to have this sort of "insight".

I agree with the point that they could add nefarious code to do this without telling anyone; at least they are up front about it. But I'd much rather that they, as a reputable company in the security business, decided that this sort of behavior is akin to spying, not customer support.

I'm about to finish installing another company's router and monitor as an outer firewall. It's possible this traffic will trip alarms, since it will appear to be unauthorized.

I'll probably write to the tech support folks and find out what ports, protocols, and ip addresses have to be authorized for this function to work.

And I have to agree with DE2790 with another point: how the heck do I turn off individual functions like SEND LOGS TO MANAGEMENT?